Kim Cerra

**Name of the Vulnerable Software and Affected Versions** Web Directory Free WordPress plugin versions prior to 1.7.3 **Description** The issue is related to a Local File Inclusion problem. It occurs because the plugin does not validate a parameter before using it in an include(), which could lead to Local File Inclusion issues. Unauthenticated attackers can exploit this to access sensitive server files. **Recommendations** For versions prior to 1.7.3, update to version 1.7.3 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive server files until the update is applied.

**Name of the Vulnerable Software and Affected Versions** The Web Directory Free WordPress plugin versions prior to 1.7.2 **Description** The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in the page. This could be exploited against high-privilege users, such as administrators. **Recommendations** For versions prior to 1.7.2, update to version 1.7.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionality to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** The Web Directory Free WordPress plugin versions prior to 1.7.0 **Description** The issue concerns a SQL injection vulnerability. It occurs because a parameter is not properly sanitised and escaped before being used in a SQL statement via an AJAX action. This action is available to unauthenticated users, making it accessible without login credentials. The SQL injection can be performed using different techniques, including UNION, Time-Based, and Error-Based methods. **Recommendations** For versions prior to 1.7.0, update to version 1.7.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the AJAX action until the update can be applied.